Item validation and image evaluation system

ABSTRACT

Systems for item validation and image evaluation are provided. In some examples, a system may receive an instrument and associated data. The instrument may be received and a user profile may be retrieved. The user profile may include a plurality of previously processed instruments that have been determined to be valid and/or authentic. The instrument may be compared to the plurality of previously processed instruments to determine whether one or more elements of the instrument being evaluated match one or more corresponding elements of the plurality of previously processed instruments. Matching or non-matching elements may be identified. In some examples, one or more user interfaces may be generated displaying the instruments and including any highlighting or enhancements identifying matching or non-matching elements.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is related to U.S. application Ser. No. 16/157,326filed Oct. 11, 2018, and entitled, “Image Evaluation and DynamicCropping System,” U.S. application Ser. No. 16/157,384 filed Oct. 11,2018, and entitled, “Enterprise Profile Management and Control System,”and U.S. application Ser. No. 16/157,473 filed Oct. 11, 2018 andentitled, “Dynamic Profile Control System.” All of which areincorporated herein by reference in their entirety

BACKGROUND

Aspects of the disclosure relate to electrical computers, systems, andmachine learning. In particular, one or more aspects of the disclosurerelate to item validation and image evaluation.

Thwarting unauthorized activity on one or more accounts is an importantfunction. As unauthorized actors become more sophisticated, it can bedifficult to identify unauthorized instruments. Further, even systemsconfigured to identify unauthorized instruments can identify falsepositives. Accordingly, it would be advantageous to have a system forfurther evaluating instruments, for instance, after an initialevaluation, to determine whether the instrument is unauthorized,identify aspects of an authorized or unauthorized instrument, and thelike.

SUMMARY

The following presents a simplified summary in order to provide a basicunderstanding of some aspects of the disclosure. The summary is not anextensive overview of the disclosure. It is neither intended to identifykey or critical elements of the disclosure nor to delineate the scope ofthe disclosure. The following summary merely presents some concepts ofthe disclosure in a simplified form as a prelude to the descriptionbelow.

Aspects of the disclosure provide effective, efficient, scalable, andconvenient technical solutions that address and overcome the technicalproblems associated with accurately evaluating instruments forauthenticity and validity.

In some examples, a system, computing platform, or the like, may receivean instrument and associated data. In some examples, the instrument mayhave been previously evaluated or processed to determine validity and/orauthenticity. In some arrangements, the associated data may include avalidity rating.

The instrument may be received and a user profile may be retrieved. Theuser profile may include a plurality of previously processed instrumentsthat have been determined to be valid and/or authentic. The instrumentmay be compared to the plurality of previously processed instruments todetermine whether one or more elements of the instrument being evaluatedmatch one or more corresponding elements of the plurality of previouslyprocessed instruments. Matching or non-matching elements may beidentified. In some examples, one or more user interfaces may begenerated displaying the instruments and including any highlighting orenhancements identifying matching or non-matching elements.

These features, along with many others, are discussed in greater detailbelow.

BRIEF DESCRIPTION OF THE DRAWINGS

The present disclosure is illustrated by way of example and not limitedin the accompanying figures in which like reference numerals indicatesimilar elements and in which:

FIGS. 1A and 1B depict an illustrative computing environment forimplementing item validation and image evaluation functions inaccordance with one or more aspects described herein;

FIGS. 2A-2C depict an illustrative event sequence for implementing itemvalidation and image evaluation functions in accordance with one or moreaspects described herein;

FIG. 3 depicts an illustrative method for implementing and using asystem to perform item validation and image evaluation functions,according to one or more aspects described herein;

FIG. 4 illustrates example user interface in accordance with one or moreaspects described herein;

FIG. 5 illustrates another example user interface in accordance with oneor more aspects described herein;

FIG. 6 illustrates one example operating environment in which variousaspects of the disclosure may be implemented in accordance with one ormore aspects described herein; and

FIG. 7 depicts an illustrative block diagram of workstations and serversthat may be used to implement the processes and functions of certainaspects of the present disclosure in accordance with one or more aspectsdescribed herein.

DETAILED DESCRIPTION

In the following description of various illustrative embodiments,reference is made to the accompanying drawings, which form a parthereof, and in which is shown, by way of illustration, variousembodiments in which aspects of the disclosure may be practiced. It isto be understood that other embodiments may be utilized, and structuraland functional modifications may be made, without departing from thescope of the present disclosure.

It is noted that various connections between elements are discussed inthe following description. It is noted that these connections aregeneral and, unless specified otherwise, may be direct or indirect,wired or wireless, and that the specification is not intended to belimiting in this respect.

Some aspects of the disclosure relate to item validation and imageevaluation.

As mentioned above, protecting user data and thwarting unauthorizedactivity is a priority for most users. In some examples, unauthorizedactors may generate unauthorized or invalid checks or other instruments.The checks or other instruments may be generated to appear similar tovalid checks or other instruments of the user, but, in some examples,might not be identical. For instance, one or more of static (e.g., payeeline, payor information, magnetic ink character recognition (MICR) line,date, and the like) elements, and/or one or more dynamic elements (e.g.,signature, date information, amount information, payee information, orthe like) may be slightly or substantially different from a validinstrument. Accordingly, systems may identify similarities ordifferences to determine whether the instrument is likely valid orauthentic. However, these systems do not offer substantial informationas to why an instrument was deemed valid or invalid and also may beinaccurate and identify false positives.

Accordingly, aspects described herein are directed to systems forfurther analyzing checks or other instruments to identify why the checkor other instrument was deemed valid or invalid and also to eliminatethe likelihood of false positives. In some examples, a system, computingplatform, or the like, may receive a check or other instrument. In somearrangements, additional data may also be received, such as a validityscore associated with the check or other instrument.

In some arrangements, a user profile may be retrieved, such as from adatabase. The user profile may include information associated with theuser (e.g., name, contact information, account information, and thelike), as well as a plurality of checks or other instruments associatedwith the user that were previously processed. The check or instrumentbeing evaluated may be compared to the plurality of checks or otherinstruments in the user profile to evaluate validity, identify matchingor non-matching elements, and the like. One or more user interfaces maybe generated displaying the check or instrument being evaluated and oneor more checks or other instruments from the user profile andsimilarities or differences may be identified on the user interface.

Accordingly, outputs from the evaluation described herein may be used tofurther update, validate and/or refine systems used to perform initialevaluations of checks or other instruments to determine validity.

These and various other arrangements will be discussed more fully below.

FIGS. 1A and 1B depict an illustrative computing environment forimplementing and using a system for item validation and image evaluationin accordance with one or more aspects described herein. Referring toFIG. 1A, computing environment 100 may include one or more computingdevices and/or other computing systems. For example, computingenvironment 100 may include a potential counterfeit check evaluationcomputing platform 110, a check receiving and processing computingdevice 120, a first local user computing device 150, a second local usercomputing device 155, a first remote user computing device 170, and asecond remote user computing device 175.

Potential counterfeit check evaluation computing platform 110 may beconfigured to host and/or execute a machine learning engine to provideintelligent, dynamic image evaluation and item validation with respectto checks or other instruments or documents that have been identified aspotentially fraudulent or otherwise unauthorized. For instance, checkreceiving and processing computing device 120 may include one or morecomputing devices, servers, or the like, configured to receive checks orother instruments from a variety of sources. For instance, checks may bereceived via online or mobile banking applications executing on a usercomputing device, such as remote user computing device 170, 175, from anautomated teller machine (ATM) or other self-service kiosk, from abanking associated within a financial institution location, or the like.

In some examples, the checks may be received by the check receiving andprocessing computing device 120 and may be processed, in real-time ornear real-time, to evaluate the validity of the check or otherinstrument. In some examples, processing the check or other instrumentmay include comparing the check to one or more checks in a user profileassociated with users drafting the checks (e.g., account holder, payer,or the like) and generating a score representing a likelihood that thecheck is fraudulent. For instance, the check receiving and processingcomputing device 120 may compare the received check to the plurality ofchecks in the user profile to evaluate various regions, fields oraspects of the check to determine whether the received check matches oneor more checks in the user profile. Based on a number of matching items,a score may be determined. For instance, if several regions, fields, orthe like, match, a low score may be generated indicating that there is alow likelihood that the check is fraudulent. If few or no items match, ahigh score may be generated indicating that it is very likely that thecheck is fraudulent.

In some examples, the check receiving and processing computing device120 may convert the check to a digital image or may store a digitalimage of the check (e.g., if received via electronic systems such asonline or mobile banking applications). This check image data, as wellas the generated score, may be transmitted to the potential counterfeitcheck evaluation computing platform 110.

In some examples, all checks processed by the check receiving andprocessing computing device 120 may be transmitted to the potentialcounterfeit check evaluation computing platform 110. In other examples,only certain checks may be transmitted, such as those meeting certaincriteria (e.g., having a generated score within a predetermined range,having particular data fields that match or do not match, history offraudulent or unauthorized activity associated with an account of thecheck, or the like).

The potential counterfeit check evaluation computing platform 110 mayreceive the check and may perform an additional comparison of the checkto the plurality of checks in a user profile. In some examples, thisadditional evaluation of the check or check image data may be performedto provide additional information related to why a particular score wasgenerated for the check. In systems implemented by large entities, suchas a financial institution, millions of checks are being processed andevaluated every day. Accordingly, providing a secondary system togenerate additional information related to why a particular score wasgenerated for a check would increase efficiency, accuracy of checksflagged as fraudulent, aid in updating and validating systems forgenerating scores, and the like.

In some examples, the potential counterfeit check evaluation computingplatform 110 may display the check being evaluated along with one ormore other checks in the user profile. A secondary comparison may beperformed and regions or fields that match or do not match may behighlighted or otherwise visually indicated (e.g., by generating aborder around a region or field, by inserting a callout or other iconnear a region or field, or the like). For instance, if the check beingevaluated matches one or more other checks (or portions or regions ofthe checks match) the check being evaluated and the matching check maybe displayed with matching points highlighted. Alternatively, if thecheck being evaluated does not match one or more checks within the userprofile, the check being evaluated may be displayed with the check fromthe profile that does not match and non-matching regions or fields maybe highlighted. In some examples, the check being evaluated and thematching/non-matching check from the user profile may be displayedsimultaneously.

In some arrangements, the potential counterfeit check evaluationcomputing device 110 may evaluate a plurality of fields or regions. Forinstance, static elements of the checks, such as the payee line,location of the magnetic ink character recognition (MICR) line,signature line, position of check number, location of name of accountholder, or the like, may be evaluated. In some examples, a pixelassociated with a particular point of each static element may becompared. For instance, a pixel associated with a position of a start ofthe MICR line on the check being evaluated may be compared to a pixelassociated with a position of a start of the MICR line on checks in theuser profile. If the pixels or pixel locations (e.g., based on x and ycoordinates) match, that may be one factor indicating that the check islikely not fraudulent. Pixel locations for various other elements may becompared similarly.

In addition to static elements being compared, dynamic check elementsmay also be compared. For instance, a signature or position of asignature, a start of data including a date of the check, a start ofdata including an amount of the check, or the like may be evaluated. Insome examples, machine learning may be used to evaluate these and otherelements of the check.

Accordingly, upon identifying matching or non-matching elements, datamay be provided to a user indicating the matching/non-matching elements,and/or providing options for additional actions. For instance, if thecheck is a match, the system may provide an option to add the check to auser profile.

Local user computing device 150, 155 and remote user computing device170, 175 may be configured to communicate with and/or connect to one ormore computing devices or systems shown in FIG. 1A. For instance, localuser computing device 150, 155 may communicate with one or morecomputing systems or devices via network 190, while remote usercomputing device 170, 175 may communicate with one or more computingsystems or devices via network 195. In some examples, local usercomputing device 150, 155 may be used to access one or more entitysystems, functions or processes. In some examples, local user computingdevice 150, 155 may be used to access the potential counterfeit checkevaluation computing platform 110 and/or the check receiving andprocessing computing device 120 to control parameters of the system,update rules, modify settings, and the like. Local user computing device150, 155 may also include ATMs or other self-service kiosks, as well asbanking associated computing devices, that may receive checks from auser and may transmit the check or check images for further processing.

The remote user computing devices 170, 175 may be used to communicatewith, for example, potential counterfeit check evaluation computingplatform 110 and/or check receiving and processing computing device 120to capture check image data, transmit check image data, and the like.For instance, remote user computing devices 170, 175 may include usercomputing devices, such as mobile devices including smartphones,tablets, laptop computers, and the like, that may be used to accessand/or execute online banking applications, mobile banking applications,or the like.

In one or more arrangements, check receiving and processing computingdevice 120, local user computing device 150, local user computing device155, remote user computing device 170, and/or remote user computingdevice 175 may be any type of computing device or combination of devicescapable of performing the particular functions described herein. Forexample, check receiving and processing computing device 120, local usercomputing device 150, local user computing device 155, remote usercomputing device 170, and/or remote user computing device 175 may, insome instances, be and/or include server computers, desktop computers,laptop computers, tablet computers, smart phones, or the like that mayinclude one or more processors, memories, communication interfaces,storage devices, and/or other components. As noted above, and asillustrated in greater detail below, any and/or all of check receivingand processing computing device 120, local user computing device 150,local user computing device 155, remote user computing device 170,and/or remote user computing device 175 may, in some instances, bespecial-purpose computing devices configured to perform specificfunctions.

Computing environment 100 also may include one or more computingplatforms. For example, and as noted above, computing environment 100may include potential counterfeit check evaluation computing platform110. As illustrated in greater detail below, potential counterfeit checkevaluation computing platform 110 may include one or more computingdevices configured to perform one or more of the functions describedherein. For example, potential counterfeit check evaluation computingplatform 110 may include one or more computers (e.g., laptop computers,desktop computers, servers, server blades, or the like).

As mentioned above, computing environment 100 also may include one ormore networks, which may interconnect one or more of potentialcounterfeit check evaluation computing platform 110, check receiving andprocessing computing device 120, local user computing device 150, localuser computing device 155, remote user computing device 170, and/orremote user computing device 175. For example, computing environment 100may include private network 190 and public network 195. Private network190 and/or public network 195 may include one or more sub-networks(e.g., Local Area Networks (LANs), Wide Area Networks (WANs), or thelike). Private network 190 may be associated with a particularorganization (e.g., a corporation, financial institution, educationalinstitution, governmental institution, or the like) and may interconnectone or more computing devices associated with the organization. Forexample, potential counterfeit check evaluation computing platform 110,check receiving and processing computing device 120, local usercomputing device 150, and local user computing device 155, may beassociated with an organization (e.g., a financial institution), andprivate network 190 may be associated with and/or operated by theorganization, and may include one or more networks (e.g., LANs, WANs,virtual private networks (VPNs), or the like) that interconnectpotential counterfeit check evaluation computing platform 110, checkreceiving and processing computing device 120, local user computingdevice 150, and local user computing device 155, and one or more othercomputing devices and/or computer systems that are used by, operated by,and/or otherwise associated with the organization. Public network 195may connect private network 190 and/or one or more computing devicesconnected thereto (e.g., potential counterfeit check evaluationcomputing platform 110, check receiving and processing computing device120, local user computing device 150, local user computing device 155)with one or more networks and/or computing devices that are notassociated with the organization. For example, remote user computingdevice 170, and/or remote user computing device 175 might not beassociated with an organization that operates private network 190 (e.g.,because remote user computing device 170 and remote user computingdevice 175 may be owned, operated, and/or serviced by one or moreentities different from the organization that operates private network190, such as a second entity different from the entity, one or morecustomers of the organization, public or government entities, and/orvendors of the organization, rather than being owned and/or operated bythe organization itself or an employee or affiliate of theorganization), and public network 195 may include one or more networks(e.g., the internet) that connect remote user computing device 170 andremote user computing device 175 to private network 190 and/or one ormore computing devices connected thereto (e.g., potential counterfeitcheck evaluation computing platform 110, check receiving and processingcomputing device 120, local user computing device 150, local usercomputing device 155).

Referring to FIG. 1B, potential counterfeit check evaluation computingplatform 110 may include one or more processors 111, memory 112, andcommunication interface 113. A data bus may interconnect processor(s)111, memory 112, and communication interface 113. Communicationinterface 113 may be a network interface configured to supportcommunication between potential counterfeit check evaluation computingplatform 110 and one or more networks (e.g., private network 190, publicnetwork 195, or the like). Memory 112 may include one or more programmodules having instructions that when executed by processor(s) 111 causepotential counterfeit check evaluation computing platform 110 to performone or more functions described herein and/or one or more databases thatmay store and/or otherwise maintain information which may be used bysuch program modules and/or processor(s) 111. In some instances, the oneor more program modules and/or databases may be stored by and/ormaintained in different memory units of potential counterfeit checkevaluation computing platform 110 and/or by different computing devicesthat may form and/or otherwise make up potential counterfeit checkevaluation computing platform 110.

For example, memory 112 may have, store, and/or include a checkprocessing module 112 a. Check processing module 112 a may storeinstructions and/or data that may cause or enable the potentialcounterfeit check evaluation computing platform 110 to receive one ormore checks, check data, check image data, check validity scores, andthe like, for further evaluation. In some examples, check processingmodule 112 a may extract or parse data associated with the received datato identify a user or user profile or account associated with the payerof the check being evaluated, retrieve a user profile from user profiledatabase 112 f, and the like.

Potential counterfeit check evaluation computing platform 110 mayfurther have, store and/or include a match detection and evaluationmodule 112 b. Match detection and evaluation module 112 b may storeinstructions and/or data that may cause or enable the potentialcounterfeit check evaluation computing platform 110 to process receivedcheck data, images, and the like, compare the received checks, checkimages, check data and the like to a plurality of checks in a userprofile, and identify regions, fields, or other check elements thatmatch or do not match. For instance, as discussed above, the matchdetection and evaluation module 112 b may evaluate a location (e.g.,based on one or more pixel locations) of static and/or dynamic elementsof a check or other instrument being evaluated with correspondinglocations on one or more checks in the user profile. Based on thisevaluation, the match detection and evaluation module 112 b maydetermine whether regions, fields, elements or the like, of the checkbeing evaluated match one or more checks in the user profile. If so, thecheck is likely not fraudulent or counterfeit. If not, the check islikely fraudulent or counterfeit.

In some examples, matching and/or non-matching regions, fields, elementsor the like may be visually displayed to a user. For instance, the matchdetection and evaluation module 112 b may identify matching and/ornon-matching regions on the check being evaluated and one or more checksin a user profile and may highlight or otherwise flag those regions,fields, elements, or the like. User interface generation module 112 emay include instructions and/or data that may cause or enable thepotential counterfeit check evaluation computing platform 110 togenerate a user interface displaying the check being evaluated and theone or more matching or non-matching checks simultaneously. The userinterface may include images of the check being evaluated and thematching/non-matching checks, as well as highlighting or otherenhancements on or near the regions, elements, fields, or the like, thatare matching or non-matching. In some examples, the user interface mayfurther include options for additional processing. For instance, if thecheck being evaluated matches the checks on the user profile, the userinterface may include a selectable option to add the check beingevaluated (or image thereof) to the user profile. Various otherrecommendations and/or options may be provided via the user interfacewithout departing from the invention.

Potential counterfeit check evaluation computing platform 110 mayfurther have, store and/or include a machine learning engine 112 c andmachine learning datasets 112 d. Machine learning engine 112 c andmachine learning datasets 112 d may store instructions and/or data thatmay cause or enable potential counterfeit check evaluation computingplatform 110 to evaluate received checks as compared to checks storedwithin a user profile to determine a likelihood that the check beingevaluated is fraudulent. The machine learning datasets 112 d may begenerated based on analyzed data (e.g., data from previously receiveddata, previously analyzed checks, and the like), raw data, and/orreceived from one or more outside sources.

The machine learning engine 112 c may receive check images and/or dataand, using one or more machine learning algorithms, may generate one ormore machine learning datasets 112 d. Various machine learningalgorithms may be used without departing from the invention, such assupervised learning algorithms, unsupervised learning algorithms,regression algorithms (e.g., linear regression, logistic regression, andthe like), instance based algorithms (e.g., learning vectorquantization, locally weighted learning, and the like), regularizationalgorithms (e.g., ridge regression, least-angle regression, and thelike), decision tree algorithms, Bayesian algorithms, clusteringalgorithms, artificial neural network algorithms, and the like.Additional or alternative machine learning algorithms may be usedwithout departing from the invention. In some examples, the machinelearning engine 112 c may analyze data to identify patterns of activity,sequences of activity, and the like, to generate one or more machinelearning datasets 112 d.

In some examples, the machine learning datasets 112 d may includemachine learning data linking one or more user check elementcharacteristics to previously identified fraudulent or counterfeitchecks. The machine learning datasets 112 d may be updated and/orvalidated based on subsequent data received, for example, after a checkhas been evaluated, identified as fraudulent, added to a user profile,or the like.

In some examples, the machine learning datasets 112 d may be used by,for example, match detection and evaluation module 112 b to evaluatechecks to determine whether a match exists, regions, fields or elementsthat match, or the like.

Potential counterfeit check evaluation computing platform 110 mayfurther have, store and/or include a user profile database 112 f. Userprofile database 112 f may store user profiles and associatedinformation, such as name of a user, account information, contactinformation, or the like. In some examples, the user profiles may storeone or more checks or check images associated with the user or useraccount that are identified as not fraudulent for later comparison tochecks being evaluated for authenticity. The checks or check images maycorrespond to a plurality of previously processed checks or otherinstruments that, in at least some examples, were determined to bevalid.

FIGS. 2A-2C depict an illustrative event sequence for implementing andusing item validation and image evaluation functions in accordance withone or more aspects described herein. The events shown in theillustrative event sequence are merely one example sequence andadditional events may be added, or events may be omitted, withoutdeparting from the invention.

Referring to FIG. 2A, at step 201, a check may be received by a device.For instance, a check or other instrument may be received by local usercomputing device 150. As discussed herein, local user computing device150 may include an ATM or other self-service kiosk, a banking associatecomputing device, or the like. Although the event sequence shown anddescribed includes receiving a check by a local user computing device150, in some examples, the check may be received by a remote usercomputing device 170 (e.g., via mobile or online banking applications)without departing from the invention.

At step 202, preliminary processing of the check may be performed. Forinstance, if the check may be converted to a digital image. Additionallyor alternatively, the check image may be stored by the local usercomputing device 150, transmitted to another device for storage or thelike.

At step 203, a connection may be established between the local usercomputing device 150 and the check receiving and processing computingdevice 120. For instance, a first wireless connection may be establishedbetween the local user computing device 150 and the check receiving andprocessing computing device 120. Upon establishing the first wirelessconnection, a communication session may be initiated between the checkreceiving and processing computing device 120 and the local usercomputing device 150.

At step 204, the check or check image may be transmitted from the localuser computing device 150 to the check receiving and processingcomputing device 120. For instance, the check image may be transmittedduring the communication session initiated upon establishing the firstwireless connection.

At step 205, the check image may be received by the check receiving andprocessing computing device 120. At step 206, the check image may beprocessed. For instance, the check image may be evaluated to determine alikelihood that the check is counterfeit or fraudulent. As discussedherein, in some examples, the check image being evaluated may becompared to check images stored in a user profile associated with thepayer of the check being evaluated. For instance, a user profileincluding a plurality of checks written by a user may be generated andstored. Those checks may then be compared to checks being evaluated todetermine whether elements of the check being evaluated match elementsof one or more checks in the user profile.

With reference to FIG. 2B, at step 207, a validity score may begenerated by the potential counterfeit check evaluation computingplatform 110. For instance, a validity score indicating a likelihood ofvalidity of the check based on the matching evaluation process may begenerated.

At step 208, a connection may be established between the check receivingand processing computing device 120 and the potential counterfeit checkevaluation computing platform 110. For instance, a second wirelessconnection may be established between the check receiving and processingcomputing device 120 and the potential counterfeit check evaluationcomputing platform 110. Upon establishing the second wirelessconnection, a communication session may be initiated between the checkreceiving and processing computing device 120 and the potentialcounterfeit check evaluation computing platform 110.

At step 209, the check image and/or associated data (e.g., validityscore) may be transmitted from the check receiving and processingcomputing device 120 to the potential counterfeit check evaluationcomputing platform 110. For instance, the check image and/or associateddata may be transmitted during the communication session initiated uponestablishing hte4 second wireless connection.

At step 210, the check image and/or data may be received by thepotential counterfeit check evaluation computing platform 110. At step211, a user profile associated with a payer of the check being evaluatedmay be received. For instance, data may be extracted from the checkimage or associated data to identify a user, account, and the like,associated with the check. Based on this extracted information, thepotential counterfeit check evaluating computing platform 110 mayretrieve, e.g., from one or more databases, a user profile associatedwith the user and associated check images, data and the like.

At step 212, the check image may be further evaluated (e.g., by a secondsystem different from a system of the check receiving and processingcomputing device and subsequent to evaluation by the check receiving andprocessing computing device 120). For instance, the check image may befurther compared to check images in the retrieved user profile toevaluate one or more regions, fields, elements, or the like, of thecheck to determine whether one or more matches exist.

With reference to FIG. 2C, at step 213, matching and/or non-matchingregions, fields, elements, and the like, of the check or check imagebeing evaluated and one or more checks or check images from the userprofile may be identified. At step 214, a user interface may begenerated. In some examples, the user interface may include images ofthe check being evaluated and one or more checks from the user profilehaving one or more regions, fields, elements, or the like that match ordo not match corresponding regions, fields, elements, or the like, ofthe check being evaluated. Further, the user interface may includehighlighting of the matching or non-matching aspects or otherenhancements identifying matching or non-matching regions, fields,elements, and the like.

Additionally or alternatively, the user interface may include one ormore recommendations or selectable options. For instance, if at least athreshold number of regions, fields, elements, or the like match, thegenerated user interface may include an option to add the check beingevaluated to the user profile. In some examples, the threshold may beretrieved from a database. In some examples, the threshold may includeall regions, fields, elements, or the like, matching. In somearrangements, if a validity score is above a pre-determined threshold,the user interface may be generated to include an option to add thecheck image being evaluated to the user profile. Various otherrecommendations, selectable options, and the like, may be included inthe user interface without departing from the invention.

At step 215, a connection may be established between the potentialcounterfeit check evaluation computing platform 110 and the local usercomputing device 150. For instance, a third wireless connection may beestablished between the potential counterfeit check evaluation computingplatform 110 and the local user computing device 150. Upon establishingthe third wireless connection, a communication session may be initiatedbetween the local user computing device 150 and the potentialcounterfeit check evaluation computing platform 110.

At step 216, the generated user interface may be transmitted to thelocal user computing device 150. For instance, the generated userinterface may be transmitted to the local user interface 150 during thecommunication session initiated upon establishing the third wirelessconnection.

At step 217, the generated user interface may be received by the localuser computing device 150 and may be displayed on a display of the localuser computing device.

At step 218, one or more machine learning datasets may be updated basedon the check image evaluation, generated user interface, and the like.For instance, aspects related to number of matches, fields, regions orelements that match or do not match, validity score, and the like,determined or used in evaluating the check image may be used to updateor validate one or more machine learning datasets.

FIG. 3 is a flow chart illustrating one example method of providing itemvalidation and image evaluation functions according to one or moreaspects described herein. The processes illustrated in FIG. 3 are merelysome example processes and functions. The steps shown may be performedin a different order, more steps may be added, or one or more steps maybe omitted without departing from the invention.

At step 300, a check image and associated data may be received from asystem, such as check receiving and processing computing device 120. Insome examples, the check may have been previously processed by the checkreceiving and processing computing device and a validity score may bedetermined indicating a likelihood that the check or check image isvalid or fraudulent.

At step 302, a user profile may be retrieved. For instance, based on thereceived check image and associated data, a user profile may beretrieved from a database. In some examples, the user profile mayinclude a plurality of previously processed check images associated withthe user (e.g., drawn on an account of the user) that have been deemedvalid and/or not fraudulent or counterfeit.

At step 304, the received check image may be evaluated. For instance,the check image being evaluated may be compared to the check images inthe user profile to identify points, regions, fields, elements, or thelike, on the check being evaluated that match or do not matchcorresponding points, regions, fields, elements or the like on the checkimages from the user profile. In some examples, machine learning may beused to perform some or all of this evaluation.

At step 306, matching and/or non-matching elements of the check beingevaluated and one or more checks from the user profile may beidentified.

At step 308, a determination may be made as to whether there is asufficient number of matches. For instance, a determination may be madeas to whether a number of matches is above a predetermined threshold. Ifnot, a user interface may be generated included the check images in step310.

If the number of matches is above the threshold in step 308, an optionto add the check image of the check image being evaluated to the userprofile may be generated in step 312. In step 314, a user interface maybe generated including the check images and the option to add the checkimage to the user profile. The user interface may be transmitted to oneor more user devices and displayed on the devices.

FIG. 4 illustrates one example user interface that may be generatedbased on the item validation and image evaluation functions describedherein. The interface 400 may include an image of a check 402 beingevaluated and one or more images of checks 404 from a user profileassociated with user 1. The user interface includes enhancements 406 a,406 b, 408 a, 408 b indicating matching elements of the two checks. Forinstance, as shown in FIG. 4, a star is positioned adjacent to matchingelements such as the position of the word “dollars” relative to theline, the position of the word “payee” relative to the payee line.Accordingly, the user interface is generated to include an enhancementto indicate matches. For example, enhancement 406 a corresponds to anenhancement 406 b adjacent one set of matching elements, whileenhancement 408 a corresponds to enhancement 408 b adjacent another setof matching elements. More or fewer matching elements may be identifiedwithout departing from the invention.

Interface 400 further includes a selectable option 410 to add the checkbeing evaluated (e.g., “check 1” to the user profile. Selection of thisoption may prompt display of one or more additional user interfaces.

FIG. 5 illustrates another example user interface that may be generatedbased on the item validation and image evaluation functions describedherein. The interface 500 may include an image of a check 502 beingevaluated and one or more images of checks 504 from a user profileassociated with user 1. The user interface includes enhancements 506 a,506 b, 508 a, 508 b (e.g., highlighting) indicating non-matchingelements of the two checks. For instance, as shown in FIG. 5, the word“dollars” and corresponding line are highlighted in each check toindicate that the two checks do not match (e.g., 506 a illustrates theword “dollars” positioned closer to the line than 506 b). In anotherexample, because the signature of check 2 begins closer to the start ofthe signature line than the signature in check 1, the correspondingregions on each check are highlighted 508 a, 508 b, to indicate that theelements do not match. More or fewer non-matching elements may beidentified without departing from the invention.

In some examples, the enhancements (e.g., highlighting, embellishments,icons, or the like) used to identify matching elements may be the sameor substantially similar to enhancements used to identify non-matchingelements. In other examples, enhancements used to identify matchingelements may be different from enhancements used to identifynon-matching elements.

As discussed herein, aspects described are directed to systems, devicesand arrangements for evaluating the validity of an item, such as a checkor other instrument, and identifying aspects of the check or otherinstrument that formed the basis for the determination of validity.Arrangements discussed herein allow for evaluation of checks or otherinstruments that have been previously evaluated in order to verify theoutput of the evaluation, understand the basis for the output, and thelike. This data may then be used to further update, validate, and/orrefine not only the systems and arrangements described herein but alsosystems and arrangements performing an initial evaluation of a check orother instrument.

The above-described examples and arrangements are merely some examplearrangements in which the systems described herein may be used. Variousother arrangements employing aspects described herein may be usedwithout departing from the invention.

FIG. 6 depicts an illustrative operating environment in which variousaspects of the present disclosure may be implemented in accordance withone or more example embodiments. Referring to FIG. 6, computing systemenvironment 600 may be used according to one or more illustrativeembodiments. Computing system environment 600 is only one example of asuitable computing environment and is not intended to suggest anylimitation as to the scope of use or functionality contained in thedisclosure. Computing system environment 600 should not be interpretedas having any dependency or requirement relating to any one orcombination of components shown in illustrative computing systemenvironment 600.

Computing system environment 600 may include potential counterfeit checkevaluation computing device 601 having processor 603 for controllingoverall operation of potential counterfeit check evaluation computingdevice 601 and its associated components, including Random Access Memory(RAM) 605, Read-Only Memory (ROM) 607, communications module 609, andmemory 615. Potential counterfeit check evaluation computing device 601may include a variety of computer readable media. Computer readablemedia may be any available media that may be accessed by potentialcounterfeit check evaluation computing device 601, may benon-transitory, and may include volatile and nonvolatile, removable andnon-removable media implemented in any method or technology for storageof information such as computer-readable instructions, object code, datastructures, program modules, or other data. Examples of computerreadable media may include Random Access Memory (RAM), Read Only Memory(ROM), Electronically Erasable Programmable Read-Only Memory (EEPROM),flash memory or other memory technology, Compact Disk Read-Only Memory(CD-ROM), Digital Versatile Disk (DVD) or other optical disk storage,magnetic cassettes, magnetic tape, magnetic disk storage or othermagnetic storage devices, or any other medium that can be used to storethe desired information and that can be accessed by computing device601.

Although not required, various aspects described herein may be embodiedas a method, a data transfer system, or as a computer-readable mediumstoring computer-executable instructions. For example, acomputer-readable medium storing instructions to cause a processor toperform steps of a method in accordance with aspects of the disclosedembodiments is contemplated. For example, aspects of method stepsdisclosed herein may be executed on a processor on potential counterfeitcheck evaluation computing device 601. Such a processor may executecomputer-executable instructions stored on a computer-readable medium.

Software may be stored within memory 615 and/or storage to provideinstructions to processor 603 for enabling potential counterfeit checkevaluation computing device 601 to perform various functions asdiscussed herein. For example, memory 615 may store software used bypotential counterfeit check evaluation computing device 601, such asoperating system 617, application programs 619, and associated database621. Also, some or all of the computer executable instructions forpotential counterfeit check evaluation computing device 601 may beembodied in hardware or firmware. Although not shown, RAM 605 mayinclude one or more applications representing the application datastored in RAM 605 while potential counterfeit check evaluation computingdevice 601 is on and corresponding software applications (e.g., softwaretasks) are running on potential counterfeit check evaluation computingdevice 601.

Communications module 609 may include a microphone, keypad, touchscreen, and/or stylus through which a user of potential counterfeitcheck evaluation computing device 601 may provide input, and may alsoinclude one or more of a speaker for providing audio output and a videodisplay device for providing textual, audiovisual and/or graphicaloutput. Computing system environment 600 may also include opticalscanners (not shown).

Potential counterfeit check evaluation computing device 601 may operatein a networked environment supporting connections to one or more remotecomputing devices, such as computing devices 641 and 651. Computingdevices 641 and 651 may be personal computing devices or servers thatinclude any or all of the elements described above relative to potentialcounterfeit check evaluation computing device 601.

The network connections depicted in FIG. 6 may include Local AreaNetwork (LAN) 625 and Wide Area Network (WAN) 629, as well as othernetworks. When used in a LAN networking environment, potentialcounterfeit check evaluation computing device 601 may be connected toLAN 625 through a network interface or adapter in communications module609. When used in a WAN networking environment, potential counterfeitcheck evaluation computing device 601 may include a modem incommunications module 609 or other means for establishing communicationsover WAN 629, such as network 631 (e.g., public network, privatenetwork, Internet, intranet, and the like). The network connectionsshown are illustrative and other means of establishing a communicationslink between the computing devices may be used. Various well-knownprotocols such as Transmission Control Protocol/Internet Protocol(TCP/IP), Ethernet, File Transfer Protocol (FTP), Hypertext TransferProtocol (HTTP) and the like may be used, and the system can be operatedin a client-server configuration to permit a user to retrieve web pagesfrom a web-based server. Any of various conventional web browsers can beused to display and manipulate data on web pages.

The disclosure is operational with numerous other computing systemenvironments or configurations. Examples of computing systems,environments, and/or configurations that may be suitable for use withthe disclosed embodiments include, but are not limited to, personalcomputers (PCs), server computers, hand-held or laptop devices, smartphones, multiprocessor systems, microprocessor-based systems, set topboxes, programmable consumer electronics, network PCs, minicomputers,mainframe computers, distributed computing environments that include anyof the above systems or devices, and the like that are configured toperform the functions described herein.

FIG. 7 depicts an illustrative block diagram of workstations and serversthat may be used to implement the processes and functions of certainaspects of the present disclosure in accordance with one or more exampleembodiments. Referring to FIG. 7, illustrative system 700 may be usedfor implementing example embodiments according to the presentdisclosure. As illustrated, system 700 may include one or moreworkstation computers 701. Workstation 701 may be, for example, adesktop computer, a smartphone, a wireless device, a tablet computer, alaptop computer, and the like, configured to perform various processesdescribed herein. Workstations 701 may be local or remote, and may beconnected by one of communications links 702 to computer network 703that is linked via communications link 705 to potential counterfeitcheck evaluation server 704. In system 700, potential counterfeit checkevaluation server 704 may be a server, processor, computer, or dataprocessing device, or combination of the same, configured to perform thefunctions and/or processes described herein. Server 704 may be used toreceive check images and associated data and/or validation scores,retrieve user profile, evaluate the check image compared to the userprofile, identify matching or non-matching elements, generate userinterfaces, and the like.

Computer network 703 may be any suitable computer network including theInternet, an intranet, a Wide-Area Network (WAN), a Local-Area Network(LAN), a wireless network, a Digital Subscriber Line (DSL) network, aframe relay network, an Asynchronous Transfer Mode network, a VirtualPrivate Network (VPN), or any combination of any of the same.Communications links 702 and 705 may be communications links suitablefor communicating between workstations 701 and potential counterfeitcheck evaluation server 704, such as network links, dial-up links,wireless links, hard-wired links, as well as network types developed inthe future, and the like.

One or more aspects of the disclosure may be embodied in computer-usabledata or computer-executable instructions, such as in one or more programmodules, executed by one or more computers or other devices to performthe operations described herein. Generally, program modules includeroutines, programs, objects, components, data structures, and the likethat perform particular tasks or implement particular abstract datatypes when executed by one or more processors in a computer or otherdata processing device. The computer-executable instructions may bestored as computer-readable instructions on a computer-readable mediumsuch as a hard disk, optical disk, removable storage media, solid-statememory, RAM, and the like. The functionality of the program modules maybe combined or distributed as desired in various embodiments. Inaddition, the functionality may be embodied in whole or in part infirmware or hardware equivalents, such as integrated circuits,Application-Specific Integrated Circuits (ASICs), Field ProgrammableGate Arrays (FPGA), and the like. Particular data structures may be usedto more effectively implement one or more aspects of the disclosure, andsuch data structures are contemplated to be within the scope of computerexecutable instructions and computer-usable data described herein.

Various aspects described herein may be embodied as a method, anapparatus, or as one or more computer-readable media storingcomputer-executable instructions. Accordingly, those aspects may takethe form of an entirely hardware embodiment, an entirely softwareembodiment, an entirely firmware embodiment, or an embodiment combiningsoftware, hardware, and firmware aspects in any combination. Inaddition, various signals representing data or events as describedherein may be transferred between a source and a destination in the formof light or electromagnetic waves traveling through signal-conductingmedia such as metal wires, optical fibers, or wireless transmissionmedia (e.g., air or space). In general, the one or morecomputer-readable media may be and/or include one or more non-transitorycomputer-readable media.

As described herein, the various methods and acts may be operativeacross one or more computing servers and one or more networks. Thefunctionality may be distributed in any manner, or may be located in asingle computing device (e.g., a server, a client computer, and thelike). For example, in alternative embodiments, one or more of thecomputing platforms discussed above may be combined into a singlecomputing platform, and the various functions of each computing platformmay be performed by the single computing platform. In such arrangements,any and/or all of the above-discussed communications between computingplatforms may correspond to data being accessed, moved, modified,updated, and/or otherwise used by the single computing platform.Additionally or alternatively, one or more of the computing platformsdiscussed above may be implemented in one or more virtual machines thatare provided by one or more physical computing devices. In sucharrangements, the various functions of each computing platform may beperformed by the one or more virtual machines, and any and/or all of theabove-discussed communications between computing platforms maycorrespond to data being accessed, moved, modified, updated, and/orotherwise used by the one or more virtual machines.

Aspects of the disclosure have been described in terms of illustrativeembodiments thereof. Numerous other embodiments, modifications, andvariations within the scope and spirit of the appended claims will occurto persons of ordinary skill in the art from a review of thisdisclosure. For example, one or more of the steps depicted in theillustrative figures may be performed in other than the recited order,one or more steps described with respect to one figure may be used incombination with one or more steps described with respect to anotherfigure, and/or one or more depicted steps may be optional in accordancewith aspects of the disclosure.

What is claimed is:
 1. A computing platform, comprising: at least oneprocessor; a communication interface communicatively coupled to the atleast one processor; and memory storing computer-readable instructionsthat, when executed by the at least one processor, cause the computingplatform to: receive an image of a first instrument and associated datafrom an image processing computing device; extract user data from thereceived image of the first instrument and associated data; retrieve auser profile associated with a user of the first instrument, the userprofile including images of a plurality of previously processedinstruments; compare the received image of the first instrument to theimages of the plurality of previously processed instruments in the userprofile; identify, based on the comparing, at least one of: an elementof the first instrument that matches a corresponding element from atleast one instrument of the plurality of previously processedinstruments and an element of the first instrument that does not match acorresponding element from at least one instrument of the plurality ofpreviously processed instruments; responsive to identifying an elementof the first instrument that matches a corresponding element from atleast one instrument of the plurality of previously processedinstruments: generate a first user interface; determine whether a numberof matches between elements of the first instrument and correspondingelements from at least one instrument of the plurality of previouslyprocessed instruments is above a threshold; and responsive todetermining that the number of matches is above the threshold, generatea selectable option to add the first instrument to the user profile; andresponsive to identifying an element of the first instrument that doesnot match a corresponding element from at least one instrument of theplurality of previously processed instruments, generate a second userinterface different from the first user interface.
 2. The computingplatform of claim 1, wherein the received associated data includes anindication of a validity of the instrument.
 3. The computing platform ofclaim 1, wherein the generated first user interface includes theselectable option to add the first instrument to the user profile. 4.The computing platform of claim 1, wherein the received image andassociated data is received after the image has been processed by theimage processing computing device and after an initial evaluation ofvalidity of the instrument has been determined.
 5. The computingplatform of claim 1, wherein the first user interface and the seconduser interface include images of the first instrument and an image of atleast one instrument of the plurality of previously processedinstruments.
 6. The computing platform of claim 1, wherein the firstuser interface includes enhancements identifying the element of thefirst instrument that matches the corresponding element from at leastone instrument of the plurality of previously processed instruments. 7.A method, comprising: at a computing platform comprising at least oneprocessor, memory, and a communication interface: receiving, by the atleast one processor and via the communication interface, an image of afirst instrument and associated data from an image processing computingdevice; extracting, by the at least one processor, user data from thereceived image of the first instrument and associated data; retrieving,by the at least one processor, a user profile associated with a user ofthe first instrument, the user profile including images of a pluralityof previously processed instruments; comparing, by the at least oneprocessor, the received image of the first instrument to the images ofthe plurality of previously processed instruments in the user profile;identifying, by the at least one processor and based on the comparing,at least one of: an element of the first instrument that matches acorresponding element from at least one instrument of the plurality ofpreviously processed instruments and an element of the first instrumentthat does not match a corresponding element from at least one instrumentof the plurality of previously processed instruments; if an element ofthe first instrument that matches a corresponding element from at leastone instrument of the plurality of previously processed instruments isidentified: generating, by the at least one processor, a first userinterface; determining, by the at least one processor, whether a numberof matches between elements of the first instrument and correspondingelements from at least one instrument of the plurality of previouslyprocessed instruments is above a threshold; and if the number of matchesis above the threshold, generating, by the at least one processor, aselectable option to add the first instrument to the user profile; andif an element of the first instrument that does not match acorresponding element from at least one instrument of the plurality ofpreviously processed instruments is identified, generating, by the atleast one processor, a second user interface different from the firstuser interface.
 8. The method of claim 7, wherein the receivedassociated data includes an indication of a validity of the instrument.9. The method of claim 7, wherein the generated first user interfaceincludes the selectable option to add the first instrument to the userprofile.
 10. The method of claim 7, wherein the received image andassociated data is received after the image has been processed by theimage processing computing device and after an initial evaluation ofvalidity of the instrument has been determined.
 11. The method of claim7, wherein the first user interface and the second user interfaceinclude images of the first instrument and an image of at least oneinstrument of the plurality of previously processed instruments.
 12. Themethod of claim 7, wherein the first user interface includesenhancements identifying the element of the first instrument thatmatches the corresponding element from at least one instrument of theplurality of previously processed instruments.
 13. One or morenon-transitory computer-readable media storing instructions that, whenexecuted by a computing platform comprising at least one processor,memory, and a communication interface, cause the computing platform to:receive an image of a first instrument and associated data from an imageprocessing computing device; extract user data from the received imageof the first instrument and associated data; retrieve a user profileassociated with a user of the first instrument, the user profileincluding images of a plurality of previously processed instruments;compare the received image of the first instrument to the images of theplurality of previously processed instruments in the user profile;identify, based on the comparing, at least one of: an element of thefirst instrument that matches a corresponding element from at least oneinstrument of the plurality of previously processed instruments and anelement of the first instrument that does not match a correspondingelement from at least one instrument of the plurality of previouslyprocessed instruments; responsive to identifying an element of the firstinstrument that matches a corresponding element from at least oneinstrument of the plurality of previously processed instruments:generate a first user interface; determine whether a number of matchesbetween elements of the first instrument and corresponding elements fromat least one instrument of the plurality of previously processedinstruments is above a threshold; and responsive to determining that thenumber of matches is above the threshold, generating a selectable optionto add the first instrument to the user profile; and responsive toidentifying an element of the first instrument that does not match acorresponding element from at least one instrument of the plurality ofpreviously processed instruments, generating a second user interfacedifferent from the first user interface.
 14. The one or morenon-transitory computer-readable media of claim 13, wherein the receivedassociated data includes an indication of validity of the instrument.15. The one or more non-transitory computer-readable media of claim 13,wherein the generated first user interface includes the selectableoption to add the first instrument to the user profile.
 16. The one ormore non-transitory computer-readable media of claim 13, wherein thereceived image and associated data is received after the image has beenprocessed by the image processing computing device and after an initialevaluation of validity of the instrument has been determined.
 17. Theone or more non-transitory computer-readable media of claim 13, whereinthe first user interface and the second user interface include images ofthe first instrument and an image of at least one instrument of theplurality of previously processed instruments.
 18. The one or morenon-transitory computer-readable media of claim 13, wherein the firstuser interface includes enhancements identifying the element of thefirst instrument that matches the corresponding element from at leastone instrument of the plurality of previously processed instruments.